need project review

Tim Alsop Tim.Alsop at CyberSafe.Com
Mon Apr 7 15:16:42 EDT 2008


Why don't you store all master key versions in the database and encrypt
them all with the latest master key? That's what we do with our
TrustBroker product, and we already include a master key change utility,
and it works very well, even with incremental propagation. We didn't
have to change our stash file to a keytab file, or change the contents
of it.


-----Original Message-----
From: krbdev-bounces at MIT.EDU [mailto:krbdev-bounces at MIT.EDU] On Behalf
Of Ken Raeburn
Sent: 07 April 2008 20:11
To: Jeffrey Hutzelman
Cc: MIT Kerberos Dev List
Subject: Re: need project review

On Apr 7, 2008, at 15:03, Jeffrey Hutzelman wrote:
> It doesn't happen currently, but I gather that one of the purposes of
> moving to keytabs as a storage mechanism is to allow more than one
> master key version to be stored, so that database entries do not all
> have to be reencrypted at once (possibly resulting in a service outage
> while the update occurs).

Yes.  Of course, once this is done, and password changes start
happening, the old master key is no longer enough to retrieve all of
the database contents, so downgrading is a non-trivial process.
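The two points made in this exchange (keeping every master key version in the database, wrapped under the latest one, so that entries can be re-encrypted incrementally; and the observation that after a password change the old master key alone no longer reads the whole database, which is what makes downgrade non-trivial) can be modelled in a few dozen lines. The following is an added illustration written for this page; it is not MIT Kerberos, TrustBroker, or krb5 code. Its assumptions: the KDC database is an in-memory dict, the cipher is a stdlib-only toy (HMAC-SHA256 keystream plus HMAC tag) standing in for a real enctype, and the class and method names (KDB, rotate_master_key, readable_with, open) are invented for the example.

```python
"""Master key versioning in a KDC database, modelled in Python.

Added example, not MIT Kerberos or TrustBroker code.  The database is an
in-memory dict; the cipher below is a stdlib toy standing in for an enctype.
"""
import hashlib
import hmac
import os


# ---- toy authenticated encryption (illustration only, not a real enctype) ----
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || tag (encrypt-then-MAC, 16-byte nonce, 32-byte tag)."""
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong master key or corrupted entry")
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))


class KDB:
    """KDC database where every principal entry records the master key
    version (mkvno) it was encrypted under, and every master key version
    is stored in the database wrapped under the current master key."""

    def __init__(self, master_key: bytes):
        self.current_mkvno = 1
        self._mkeys = {1: master_key}   # mkvno -> plaintext key; memory only
        self.mkey_table = {}            # mkvno -> key wrapped under current key; on disk
        self.principals = {}            # name -> (mkvno, key encrypted under that mkvno)
        self._rewrap_mkey_table()

    def _rewrap_mkey_table(self):
        cur = self._mkeys[self.current_mkvno]
        self.mkey_table = {v: encrypt(cur, k) for v, k in self._mkeys.items()}

    def set_principal_key(self, name: str, key: bytes):
        """A new or changed key is always written under the current mkvno."""
        cur = self.current_mkvno
        self.principals[name] = (cur, encrypt(self._mkeys[cur], key))

    def get_principal_key(self, name: str) -> bytes:
        mkvno, blob = self.principals[name]
        return decrypt(self._mkeys[mkvno], blob)

    def rotate_master_key(self, new_key: bytes):
        """Add a master key version.  Existing entries keep their old mkvno, so
        no bulk re-encryption (and no outage) is required at rotation time."""
        self.current_mkvno += 1
        self._mkeys[self.current_mkvno] = new_key
        self._rewrap_mkey_table()

    def reencrypt_all(self):
        """Optional background pass moving every entry to the current mkvno."""
        for name in list(self.principals):
            self.set_principal_key(name, self.get_principal_key(name))

    @classmethod
    def open(cls, stash_key: bytes, stash_mkvno: int, mkey_table: dict, principals: dict):
        """KDC start: the stash holds only the latest key; every older version
        is recovered by unwrapping the stored master key table with it."""
        db = cls.__new__(cls)
        db.current_mkvno = stash_mkvno
        db.mkey_table = dict(mkey_table)
        db.principals = dict(principals)
        db._mkeys = {v: decrypt(stash_key, blob) for v, blob in mkey_table.items()}
        return db

    def readable_with(self, mkvno: int) -> list:
        """Principals a KDC holding ONLY master key version `mkvno` could read.
        The wrapped table is under the latest key, so an old key by itself
        reaches only entries still written under its own version."""
        return sorted(n for n, (v, _) in self.principals.items() if v == mkvno)


def demo() -> dict:
    k1, k2 = os.urandom(32), os.urandom(32)
    db = KDB(k1)
    db.set_principal_key("alice@EXAMPLE.COM", b"alice-key")   # constructed sample data
    db.set_principal_key("bob@EXAMPLE.COM", b"bob-key")
    db.rotate_master_key(k2)                                   # alice and bob stay under mkvno 1
    db.set_principal_key("bob@EXAMPLE.COM", b"bob-new-key")    # password change lands under mkvno 2
    reopened = KDB.open(k2, 2, db.mkey_table, db.principals)   # restart with only the new key stashed
    return {
        "alice": reopened.get_principal_key("alice@EXAMPLE.COM"),
        "bob": reopened.get_principal_key("bob@EXAMPLE.COM"),
        "old_key_only": db.readable_with(1),
        "new_key_only": db.readable_with(2),
    }
```

Running demo() shows both sides of the thread: after rotation the KDC, started from a stash holding only the new key, still reads alice's entry (mkvno 1) and bob's new entry (mkvno 2); but a KDC that kept only the old key would read alice and not bob, which is why swapping the stash back does not constitute a downgrade once password changes have occurred.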
